Sun xVM VirtualBox < 1.6.4 Local Privilege Escalation

High Nessus Plugin ID 33819

Synopsis

The remote Windows host has an application that is affected by a local privilege escalation vulnerability.

Description

The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 1.6.4. Such versions reportedly include a kernel driver, 'VBoxDrv.sys', that allows a local user to open the device '\\.\VBoxDrv' and issue IOCTLs with a buffering method of 'METHOD_NEITHER' without any validation. Using specially crafted input, an unprivileged user can leverage this issue to execute arbitrary code in kernel mode.
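
The `METHOD_NEITHER` condition described above can be checked when auditing a driver's IOCTL interface. The following is an added example, not code from the plugin or from VirtualBox: it decodes the standard Windows `CTL_CODE` bit layout and shows the address-range check a `METHOD_NEITHER` handler has to perform itself. The sample control codes, sample pointers and the `USER_SPACE_LIMIT` value are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Transfer types from the Windows CTL_CODE layout (low two bits of the code). */
enum { METHOD_BUFFERED, METHOD_IN_DIRECT, METHOD_OUT_DIRECT, METHOD_NEITHER };

typedef struct {
    uint32_t device_type;  /* bits 31..16 */
    uint32_t access;       /* bits 15..14, 0 = FILE_ANY_ACCESS */
    uint32_t function;     /* bits 13..2 */
    uint32_t method;       /* bits 1..0 */
} ioctl_fields;

ioctl_fields decode_ioctl(uint32_t code) {
    ioctl_fields f;
    f.device_type = code >> 16;
    f.access      = (code >> 14) & 0x3;
    f.function    = (code >> 2) & 0xFFF;
    f.method      = code & 0x3;
    return f;
}

/* Assumed user/kernel boundary for a 32-bit Windows host (illustrative value). */
#define USER_SPACE_LIMIT 0x7FFF0000u

/* With METHOD_NEITHER the I/O manager passes the caller's raw pointers through,
   so the handler must confirm [addr, addr+len) lies in user space and does not wrap. */
int user_range_ok(uint32_t addr, uint32_t len) {
    uint32_t end = addr + len;
    if (len == 0) return 1;        /* nothing will be dereferenced */
    if (end < addr) return 0;      /* arithmetic wrapped past 4 GiB */
    return end <= USER_SPACE_LIMIT;
}

int main(void) {
    /* Constructed sample codes: FILE_DEVICE_UNKNOWN (0x22), function 0x800. */
    const uint32_t codes[] = { 0x00222000u, 0x00222003u };
    /* Constructed caller-supplied pointers, each paired with a 16-byte length. */
    const uint32_t ptrs[] = { 0x00410000u, 0x80501000u, 0xFFFFFFF8u };
    for (unsigned i = 0; i < 2; i++) {
        ioctl_fields f = decode_ioctl(codes[i]);
        printf("0x%08X method=%u %s\n", (unsigned)codes[i], (unsigned)f.method,
               f.method == METHOD_NEITHER ? "handler must validate pointers" : "buffered by I/O manager");
    }
    for (unsigned i = 0; i < 3; i++)
        printf("0x%08X len=16 -> %s\n", (unsigned)ptrs[i],
               user_range_ok(ptrs[i], 16) ? "accept" : "reject");
    return 0;
}
```

In a real driver the range check is done with `ProbeForRead`/`ProbeForWrite` inside a structured exception handler before any access to the caller's buffer.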